Currently, I use dockerproxy + swag and Cloudflare for externally-facing services. I really like that I don’t have to open any ports on my router for this to work, and I don’t need to create any routes for new services. When a new service is started, I simply include a label to call swag and the subdomain & TLS cert are registered with Cloudflare. About the only complaint I have is Cloudflare’s 100MG upload limit, but I can easily work around that, and it’s not a limit I see myself hitting too often.

What’s not clear to me is what I’m missing by not using Traefik or Caddy. Currently, the only thing I don’t have in my setup is central authentication. I’m leaning towards Authentik for that, and I might look at putting it on a VPS, but that’s the only thing I have planned. Other than that, almost everything’s running on a single Beelink S12. If I had to, I could probably stand up a failover pretty quickly, though.

  • @AustralianSimon
    link
    English
    5
    edit-2
    4 days ago

    Yeah it supports cert acquisition through let’s encrypt now.